public function isVerifiedAdminUser()

in 2.0.x-2.2.x/upload/catalog/model/module/facebook_business.php [194:216]

• 18 lines of code
• 7 McCabe index (conditional complexity)

    public function isVerifiedAdminUser($username, $password, $check_authorised = '', $install = false) {
        $user_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "user WHERE username = '" . $this->db->escape($username) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->db->escape(htmlspecialchars($password, ENT_QUOTES)) . "'))))) OR password = '" . $this->db->escape(md5($password)) . "') AND status = '1'");

        if ($user_query->num_rows) {
            if (!empty($check_authorised)) {
                $user_group_query = $this->db->query("SELECT permission FROM " . DB_PREFIX . "user_group WHERE user_group_id = '" . (int)$user_query->row['user_group_id'] . "'");

                $permissions = json_decode($user_group_query->row['permission'], true);
          
                if (is_array($permissions) && in_array($check_authorised, $permissions['modify'])) {
                    if ($check_authorised == 'extension/module' && $install) {
                        $this->installExtension($user_query->row['user_group_id']);
                    }

                    return true;
                }
            } else {
                return true;
            }
        }

        return false;
    }